Facebook - It's all or nothing

GDPR - the wild west is about to be subdued...

As one website says, "The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years."

You better believe it.

The bottom line is, you need to be compliant with some pretty strict data protection rules. You'll need a compliant privacy policy on your website. You need to make sure you are NOT storing or passing on customer information online, without express permission. Tracking (essential for figuring out if your marketing works) is going to become harder.

It's going to be challenging for small businesses to operate legally in this strict new world. The big corporations will have teams of lawyers, coders and marketing professionals working round the clock - and for good reason.

Failure to comply could mean a fine, potentially a very large one.

But it's not all scary headlines and doom and gloom. At the core of the GDPR is a lot of common sense. It's about protecting people's personal information, and doing so in a way which makes sense. People should be in control of their information, and it should be clear how that works. An organisation which already takes data protection seriously and isn't willing to take shortcuts which might put data at risk will find GDPR compliance straightforward.

Nathan, who lives in Glasgow, studied Computer Science at Strathclyde University. Nathan also runs a creative arts social enterprise, including producing fantasy action feature film The Gaelic King, set for release in 2017.